Potential access or permission denied error with NFSv4 during a ‘git clone’ or ‘file open’ operation after an upgrade to IBM Storage Scale 5.1.9.10, 5.2.3.0, or 5.2.3.1

After an upgrade to IBM Storage Scale version 5.1.9.10, 5.2.3.0, or 5.2.3.1, clients that access files over NFSv4 may see access problems or "permission denied" errors. A common case when this issue can happen is when a user tries to run git clone into a directory mounted over NFS.

Problem Determination
This issue often occurs when run git clone into a directory mounted over NFS. The next snipet is an example output for this error:

$ git clone https://github.com/jupp0r/prometheus-cpp
Cloning into 'prometheus-cpp'...
remote: Enumerating objects: 5577, done.
remote: Counting objects: 100% (1562/1562), done.
remote: Compressing objects: 100% (373/373), done.
remote: Total 5577 (delta 1287), reused 1189 (delta 1189), pack-reused 4015 (from 2)
Receiving objects: 100% (5577/5577), 1.32 MiB | 7.94 MiB/s, done.
fatal: could not open '/mnt/nfs4/prometheus-cpp/.git/objects/pack/tmp_pack_fADmRg' for reading: Permission denied
fatal: fetch-pack: invalid index-pack output

Users Affected

• This issue may affect users that run NFSv4.0, NFSv4.1, or NFSv4.2 clients with IBM Storage Scale versions 5.1.9.10, 5.2.3.0, or 5.2.3.1 CES NFS —across all editions, architectures, and operating systems. The affected NFS versions are 5.7-ibm028.14 through 5.7-ibm028.16.

• Storage Scale Container Native Storage Access (CNSA) clusters are unaffected and can remain upon CNSA 5.2.3.0 / CNSA 5.2.3.1 levels.  However a remotely mounted storage cluster is affected if CES NFS is in use and running the affected NFS versions.  If this is the case, the recommended action should be followed for the storage cluster.  

Recommendations
Customers affected by this issue must contact IBM Support to request an interim fix (efix) to solve the problem.

• For IBM Storage Scale 5.1.9.10, 5.2.3.0 and 5.2.3.1, request an interim fix via APAR IJ55170

Internal R.351572